Title :
Host based IDS for NDP related attacks: NS and NA Spoofing
Author :
Kumar, Narendra ; Bansal, Gourab ; Biswas, Santosh ; Nandi, Sukumar
Author_Institution :
Dept. of CSE, IIT Guwahati, Guwahati, India
Abstract :
To accommodate more hosts in the network, IP Version 6 (IPv6) is used. It also allows flexibility in allocating addresses and efficient routing for internet traffic using Stateless Autoconfiguration method (SLAAC) and Neighbor Discovery Protocol (NDP). Although efficient, NDP and SLAAC represent a significant security risk in IPv6. IPSec, which is mandated by the IPv6 specifications for security, is not suited to easily secure Ipv6 messages because of the need to manually configure the IPSec keys. Without IPSec protection, IPv6 messages can be easily spoofed. In this paper we propose a host based IDS using active detection technique for IPv6 (NDP). In this scheme we verify any change made in host cache using either data tables (passive) or by sending active probes in real time. The scheme is successfully validated in a test bed with various attack scenarios and the results show the effectiveness of the proposed technique.
Keywords :
IP networks; probes; protocols; telecommunication security; IP Version 6; IPSec keys; IPv6 specifications; Internet traffic; Ipv6 messages; NA spoofing; NDP; NDP related attacks; NS spoofing; Stateless Autoconfiguration method; active detection technique; active probes; attack scenarios; host based IDS; neighbor discovery protocol; routing; security risk; Force; IP networks; Internet; Probes; Protocols; Security; Standards;
Conference_Titel :
India Conference (INDICON), 2013 Annual IEEE
Conference_Location :
Mumbai
Print_ISBN :
978-1-4799-2274-1
DOI :
10.1109/INDCON.2013.6726054
